Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography

Several recent works have proposed and implemented cryptography as a means to preserve privacy and security of patients health data. Nevertheless, the weakest point of electronic health record (EHR) systems that relied on these cryptographic schemes is key management. Thus, this paper presents the development of privacy and security system for cryptography-based-EHR by taking advantage of the uniqueness of fingerprint and iris characteristic features to secure cryptographic keys in a bio-cryptography framework. The results of the system evaluation showed significant improvements in terms of time efficiency of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the likelihood of imposters gaining successful access to the keys protecting patients protected health information. This result also justifies the feasibility of implementing fuzzy key binding scheme in real applications, especially fuzzy vault which demonstrated a better performance during key reconstruction

ESSVCS: an enriched secret sharing visual cryptography

Visual Cryptography (VC) is a powerful technique that combines the notions of perfect ciphers and secret sharing in cryptography with that of raster graphics. A binary image can be divided into shares that are able to be stacked together so as to approximately recover the original image. VC is a unique technique in the sense that the encrypted message can be decrypted directly by the Human Visual System (HVS). The distinguishing characteristic of VC is the ability of secret restoration without the use of computation. However because of restrictions of the HVS, pixel expansion and alignment problems, a VC scheme perhaps can only be applied to share a small size of secret image. In this paper, we present an Enriched Secret Sharing Visual Cryptography Scheme (ESSVCS) to let the VC shares carry more secrets, the technique is to use cypher output of private-key systems as the input random numbers of VC scheme, meanwhile the encryption key could be shared, the shared keys could be associated with the VC shares. After this operation, VC scheme and secret sharing scheme are merged with the private-key system. Under this design, we implement a (k; t; n)-VC scheme. Compared to those existing schemes, our scheme could greatly enhance the ability of current VC schemes and could cope with pretty rich secrets

Fulcrum: Flexible Network Coding for Heterogeneous Devices

Producción CientíficaWe introduce Fulcrum, a network coding framework that achieves three seemingly conflicting objectives: 1) to reduce the coding coefficient overhead down to nearly n bits per packet in a generation of n packets; 2) to conduct the network coding using only Galois field GF(2) operations at intermediate nodes if necessary, dramatically reducing computing complexity in the network; and 3) to deliver an end-to-end performance that is close to that of a high-field network coding system for high-end receivers, while simultaneously catering to low-end receivers that decode in GF(2). As a consequence of 1) and 3), Fulcrum has a unique trait missing so far in the network coding literature: providing the network with the flexibility to distribute computational complexity over different devices depending on their current load, network conditions, or energy constraints. At the core of our framework lies the idea of precoding at the sources using an expansion field GF(2 h ), h > 1, to increase the number of dimensions seen by the network. Fulcrum can use any high-field linear code for precoding, e.g., Reed-Solomon or Random Linear Network Coding (RLNC). Our analysis shows that the number of additional dimensions created during precoding controls the trade-off between delay, overhead, and computing complexity. Our implementation and measurements show that Fulcrum achieves similar decoding probabilities as high field RLNC but with encoders and decoders that are an order of magnitude faster.Green Mobile Cloud project (grant DFF-0602-01372B)Colorcast project (grant DFF-0602-02661B)TuneSCode project (grant DFF - 1335-00125)Danish Council for Independent Research (grant DFF-4002-00367)Ministerio de Economía, Industria y Competitividad - Fondo Europeo de Desarrollo Regional (grants MTM2012-36917-C03-03 / MTM2015-65764-C3-2-P / MTM2015-69138-REDT)Agencia Estatal de Investigación - Fondo Social Europeo (grant RYC-2016-20208)Aarhus Universitets Forskningsfond Starting (grant AUFF-2017-FLS-7-1

Deep-NC: a secure image transmission using deep learning and network coding

Visual communications have played an important part in our daily life as a non-verbal way of conveying information using symbols, gestures and images. With the advances of technology, people can visually communicate with each other in a number of forms via digital communications. Recently Image Super-Resolution (ISR) with Deep Learning (DL) has been developed to reproduce the original image from its low-resolution version, which allows us to reduce the image size for saving transmission bandwidth. Although many benefits can be realised, the image transmission over wireless media experiences inevitable loss due to environment noise and inherent hardware issues. Moreover, data privacy is of vital importance, especially when the eavesdropper can easily overhear the communications over the air. To this end, this paper proposes a secure ISR protocol, namely Deep-NC, for the image communications based on the DL and Network Coding (NC). Specifically, two schemes, namely Per-Image Coding (PIC) and Per-Pixel Coding (PPC), are designed so as to protect the sharing of private image from the eavesdropper. Although the PPC scheme achieves a better performance than the PIC scheme for the entire image, it requires a higher computational complexity on every pixel of the image. In the proposed Deep-NC, the intended user can easily recover the original image achieving a much higher performance in terms of Peak Signal-to-Noise Ratio (PSNR) and Structural Similarity Index Measure (SSIM) than those at the eavesdropper. Simulation results show that an improvement of up to 32 dB in the PSNR can be obtained when the eavesdropper does not have any knowledge of the parameters and the reference image used in the mixing schemes. Furthermore, the original image can be downscaled to a much lower resolution for saving significantly the transmission bandwidth with negligible performance loss

Errorless Robust JPEG Steganography using Outputs of JPEG Coders

Robust steganography is a technique of hiding secret messages in images so that the message can be recovered after additional image processing. One of the most popular processing operations is JPEG recompression. Unfortunately, most of today's steganographic methods addressing this issue only provide a probabilistic guarantee of recovering the secret and are consequently not errorless. That is unacceptable since even a single unexpected change can make the whole message unreadable if it is encrypted. We propose to create a robust set of DCT coefficients by inspecting their behavior during recompression, which requires access to the targeted JPEG compressor. This is done by dividing the DCT coefficients into 64 non-overlapping lattices because one embedding change can potentially affect many other coefficients from the same DCT block during recompression. The robustness is then combined with standard steganographic costs creating a lattice embedding scheme robust against JPEG recompression. Through experiments, we show that the size of the robust set and the scheme's security depends on the ordering of lattices during embedding. We verify the validity of the proposed method with three typical JPEG compressors and benchmark its security for various embedding payloads, three different ways of ordering the lattices, and a range of Quality Factors. Finally, this method is errorless by construction, meaning the embedded message will always be readable.Comment: 10 pages, 11 figures, 1 table, submitted to IEEE Transactions on Dependable and Secure Computin

Two Step Share Visual Cryptography Algorithm for Secure Visual Sharing

This paper re - examines the problem of visual secret sharing for general access structures by using visual cryptograms of random grids (VCRG). Given a binary or color secret image shared by a set of n participants with a strong access structure, we devise t wo effective algorithms to produce a set of VCRG so that the members in each qualified set can reconstruct the secret image by superimposing their sh ares, while those in any forbidden set cannot. The basic 2 out of 2 visual cryptography model consists of a secret message encoded into two transparencies, one transparency representing the cipher text and the other acting as a secret key. Both transparencies appear to be random dots when inspected individually and provide no information about the original clea r text. However, by carefully aligning the transparencies, the original secret message is reproduced. The actual decoding is accomplished by the human visual system. Our algorithms do not require any extr a pixel expansion, which is indispensable and grows exponentially as n increases in conventional visual cryptographic schemes

Design and implementation of applications over delay tolerant networks for disaster and battlefield environment

In disaster/battlefield applications, there may not be any centralized network that provides a mechanism for different nodes to connect with each other to share important data. In such cases, we can take advantage of an opportunistic network involving a substantial number of mobile devices that can communicate with each other using Bluetooth and Google Nearby Connections API(it uses Bluetooth, Bluetooth Low Energy (BLE), and Wi-Fi hotspots) when they are close to each other. These devices referred to as nodes form a Delay Tolerant Network (DTN), also known as an opportunistic network. As suggested by its name, DTN can tolerate delays and significant loss of data while forwarding a message from source to destination using store and forward paradigm. In DTN, it is of critical importance that the network is not completely flooded and also the message is not tampered or corrupted and readable only to the destined node. Three algorithms have been implemented in the Android platform. The first algorithm [1] focuses on intelligent data transfer based on each node\u27s interest and encourages each node to participate in data transfer by providing incentives and keeping track of the trustworthiness of each node. The second algorithm [2] focuses on the security of the transferred data by fragmenting both data- and key-shares with some redundancy and the destination node can resurrect the original data from the predefined minimum key- and data-shares. The third algorithm focusses on using object detection models and interest-based authorization using [3] to securely transfer and access data across DTN. The corrupted nodes are identified by using one-way keychain hashes created by source/relay nodes for a message which are validated at the destination node --Abstract, page iii

Competent Encryption Framework Based Secure Access Mechanism for Cloud Data Services

The demand for remote data storage and computation services is increasing exponentially in our data-driven society; thus, the need for secure access to such data and services. In this paper, we design a new -based authentication protocol to provide secure access to a remote (cloud) server. In the proposed approach, we consider data of a user as a secret credential. We then derive a unique identity from the user’s data, which is further used to generate the user’s private key. In addition, we propose an efficient approach to generate a session key between two communicating parties using for a secure message transmission. Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging solutions allow substituting username and password with data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the session timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by applying s in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of data transparently acquired from the user. The analysis is carried out to assess the ability of the protocol to contrast security attacks exercised by different kinds of attackers

Quick response code secure: a cryptographically secure anti-phishing tool for QR code attacks.

The two-dimensional quick response (QR) codes can be misleading due to the difficulty in differentiating a genuine QR code from a malicious one. Since, the vulnerability is practically part of their design, scanning a malicious QR code can direct the user to cloned malicious sites resulting in revealing sensitive information. In order, to evaluate the vulnerabilities and propose subsequent countermeasures, we demonstrate this type of attack through a simulated experiment, where a malicious QR code directs a user to a phishing site. For our experiment, we cloned Google's web page providing access to their email service (Gmail). Since, the URL is masqueraded into the QR code the unsuspecting user who opens the URL is directed to the malicious site. Our results proved that hackers could easily leverage QR codes into phishing attack vectors targeted at smartphone users, even bypassing web browsers safe browsing feature. In addition, the second part of our paper presents adequate countermeasures and introduces QRCS (Quick Response Code Secure). QRCS is a universal efficient and effective solution focusing exclusively on the authenticity of the originator and consequently, the integrity of QR code by using digital signatures